Exchange 2010 – relaying to external email addresses

We have a scanner in our office which can send scanned documents to any email address specified. After our migration to Exchange 2010 this did not work anymore.

I created a new receive connector, specified the IP addresses that are allowed to relay externally (in this case the scanner's address), and ticked the "Anonymous users" checkbox.

image

The scanner was able to send scanned documents to internal email addresses, but it could not send to any external domain.

It turns out that when you place a checkmark in the “anonymous users” checkbox the following permissions are given to the “Anonymous Logon” group:

  • Ms-Exch-SMTP-Submit
  • Ms-Exch-SMTP-Accept-Any-Sender
  • Ms-Exch-SMTP-Accept-Authoritative-Domain-Sender
  • Ms-Exch-Accept-Headers-Routing
Missing from that list is "Ms-Exch-SMTP-Accept-Any-Recipient", and without it the scanner cannot relay to external addresses through the Exchange server. Add it from the EMS (Exchange Management Shell) with:

    Get-ReceiveConnector "<Receive Connector name>" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient"

Be aware that this right turns the connector into an open relay for every address in its RemoteIPRanges, so keep that list limited to the scanner's IP and never widen it to a whole subnet or to 0.0.0.0-255.255.255.255.
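The whole procedure as one Exchange Management Shell script, added here as an example and not taken from the original post. The server name EX01, the connector name and the scanner address 10.0.0.50 are placeholders; replace them with your own values.

```powershell
# Added example, not the post's own script. EX01, "Scanner Relay" and 10.0.0.50
# are placeholders.
$ConnectorName = "Scanner Relay"
$ScannerIPs    = @("10.0.0.50")          # only the scanner, never a whole subnet

# A dedicated connector bound to the scanner's address. Exchange picks the
# connector whose RemoteIPRanges matches the sender most specifically, so this
# one wins over the Default connector for traffic from the scanner only.
New-ReceiveConnector -Name $ConnectorName -Server "EX01" -Usage Custom `
    -Bindings "0.0.0.0:25" -RemoteIPRanges $ScannerIPs `
    -AuthMechanism None -PermissionGroups AnonymousUsers

# "Anonymous users" grants Submit, Accept-Any-Sender,
# Accept-Authoritative-Domain-Sender and Accept-Headers-Routing.
# Relaying to external domains additionally needs Accept-Any-Recipient.
Get-ReceiveConnector $ConnectorName |
    Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" `
        -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient"

# Check: which SMTP rights does ANONYMOUS LOGON now hold on this connector,
# and is the remote range still just the scanner?
Get-ReceiveConnector $ConnectorName |
    Get-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" |
    Where-Object { $_.ExtendedRights -like "ms-Exch-SMTP-*" } |
    Select-Object User, ExtendedRights, Deny

Get-ReceiveConnector $ConnectorName |
    Select-Object Name, Bindings, RemoteIPRanges, PermissionGroups, AuthMechanism
```

After running it, verify the scope from a machine that is not in RemoteIPRanges: a `RCPT TO:` for an external address over telnet on port 25 must still be answered with `550 5.7.1 Unable to relay`. If you would rather not grant anonymous rights at all, the alternative Microsoft documents is to treat the device as "externally secured" (`Set-ReceiveConnector -PermissionGroups ExchangeServers -AuthMechanism TLS,ExternalAuthoritative`), which relays anything from the listed IPs and bypasses anti-spam, so the same IP-scoping rule applies.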

    Exchange 2010 Backup and Restore (powershell)

In Exchange 2010 you can't use ExMerge anymore. Instead you create a backup of your database (with Windows Server Backup); in an emergency you restore it and attach it to Exchange as a separate database (a recovery database), from which you can then restore a mailbox's content.

    Prerequisites:

    • Make sure your server has the Windows Server Backup feature installed
      note: this is based on a Windows Server 2008 R2 server
    • Start the Windows service "Microsoft Exchange Server Extension for Windows Server Backup" and set its Startup Type to Automatic

    Backup

    First of all you have to make a backup of your exchange environment.

    • Start Windows Backup
    • Click “Backup Schedule” (or Backup Once, if you don’t want the backup to be scheduled and run every night). In the Getting Started Screen click [Next]

      image

    • You can make a Full Backup of your server or just choose your Exchange directory. I opted to go for the latter one. Choose [Custom] and then click [Next]

      image

    • The next screen asks you to select the items to back up. Click [Add Items] and add the location where your Exchange is installed (mine was D:\Exchange Server). Then click [Advanced Settings] and make sure you select "VSS full Backup" under the "VSS Settings" tab, then click [Next]

      image
      image

    • If you chose the "Backup Schedule" option in the beginning, you will now be presented with a dialog box in which you can create your schedule. Once you have created one, click [Next]

      image

    • The next screen asks for a destination for your backup files. I chose the "Back up to a shared network folder" option. Then click [Next]

      image

    • Next is to specify the remote shared folder. Choose one and click [Next]

      image

    • You will then be prompted for a username and password. Fill in an account which has access to the shared folder you're backing up to. Click [Finish]

      image

    • The wizard will create your backup schedule, and then will return the status. It should read “You have successfully created the backup schedule”. Then click [Close].

    Ok, your backup should be scheduled now. Now let's see what you have to do whenever you want to restore a mailbox.

    Restore

    • First of all, of course, you have to restore your latest backup. Again start Windows Backup and choose the option [Recover]. On the Recovery Wizard screen that opens select "A backup stored on another location", then click [Next]
    • Specify “Remote Shared Folder” as the location type. Click [Next]
    • Enter the remote shared folder location and click [Next]
    • On the next screen you have to select the date of the backup you want to recover. Pick one and click [Next]
    • Select "Files and Folders" as the recovery type, then click [Next]
    • Now you have to select the Exchange Folder that you created a backup from. Then Click [Next].
    • Choose to restore the database to a different location. Click [Next]
    • Confirm the restore by clicking [Recover]
    • After the restore is done, open up Exchange Management Shell and change the directory to the location where the edb file and the log files are located.
    • Run the command "eseutil /r e00 /d <full path to restore folder>". This is a soft recovery: it replays the restored log files into the database; e00 is the log file prefix (look for E00.log in the restore folder).

      image

    • Next run the command "eseutil /mh <edb filename.edb>". In the output verify that the state of the database is "Clean Shutdown". If it still reads "Dirty Shutdown", the log replay did not complete and the database must not be mounted yet.

      image

    • You can now create a new recovery database, named RestoreDB. Execute the command:
      "New-MailboxDatabase -Recovery -Name RestoreDB -Server <ServerName> -EdbFilePath <path to edbfile.edb> -LogFolderPath <path to folder with logfiles>"

      image

    • Next, mount the database with the command:
      "Mount-Database -Identity RestoreDB"

      image

    • To restore a mailbox you can now execute the command:
      "Restore-Mailbox -Identity <mailboxname> -RecoveryDatabase RestoreDB"
      (From Exchange 2010 SP1 onwards Restore-Mailbox is deprecated in favour of New-MailboxRestoreRequest, which takes the recovery database as -SourceDatabase.)

    That’s it.

    • To clean up, dismount the database and then remove it:
      a. "Dismount-Database -Identity RestoreDB"

      image

      b. "Remove-MailboxDatabase -Identity RestoreDB"

      Removing the database only deletes the Active Directory object; the .edb and log files stay on disk and have to be deleted manually.
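The restore side of the procedure, from the recovered files up to the cleanup, as one Exchange Management Shell script. This is an added example, not the post's own code: the restore folder E:\RestoreDB, the server EX01 and the mailbox jdoe are placeholders, and the check on the eseutil /mh output is a scripted version of the "Clean Shutdown" step above.

```powershell
# Added example, not from the original post. RestoreDir, Server and Mailbox
# are placeholders; adjust them before running.
$RestoreDir = "E:\RestoreDB"     # where Windows Server Backup put the recovered files
$Server     = "EX01"
$Mailbox    = "jdoe"

$Edb    = Get-ChildItem -Path $RestoreDir -Filter *.edb -Recurse | Select-Object -First 1
$LogDir = $Edb.DirectoryName      # the post keeps .edb and logs in the same folder

# The current log file (E00.log, E01.log, ...) gives the prefix eseutil /r needs.
$LogPrefix = (Get-ChildItem -Path $LogDir -Filter *.log |
    Where-Object { $_.Name -match '^E\d\d\.log$' } |
    Select-Object -First 1).BaseName
if (-not $LogPrefix) { throw "No E??.log found in $LogDir; cannot replay logs" }

# Soft recovery: replay the logs into the database. /l = log folder, /d = database folder.
& eseutil /r $LogPrefix /l $LogDir /d $Edb.DirectoryName
if ($LASTEXITCODE -ne 0) { throw "eseutil /r failed with exit code $LASTEXITCODE" }

# Refuse to continue unless the header says Clean Shutdown; a dirty copy will not mount.
$Header = & eseutil /mh $Edb.FullName
if (-not ($Header -match 'State:\s+Clean Shutdown')) {
    throw "Database is not in Clean Shutdown state: $($Header -match 'State:')"
}

New-MailboxDatabase -Recovery -Name RestoreDB -Server $Server `
    -EdbFilePath $Edb.FullName -LogFolderPath $LogDir
Mount-Database -Identity RestoreDB

# See which mailboxes the recovered copy actually holds before restoring anything.
Get-MailboxStatistics -Database RestoreDB |
    Select-Object DisplayName, ItemCount, TotalItemSize

# Exchange 2010 RTM syntax used in the post. On SP1 and later use instead:
#   New-MailboxRestoreRequest -SourceDatabase RestoreDB -SourceStoreMailbox $Mailbox -TargetMailbox $Mailbox
Restore-Mailbox -Identity $Mailbox -RecoveryDatabase RestoreDB -Confirm:$false

# Cleanup: this removes the database object only; delete the files by hand afterwards.
Dismount-Database -Identity RestoreDB -Confirm:$false
Remove-MailboxDatabase -Identity RestoreDB -Confirm:$false
```

The script stops before New-MailboxDatabase if log replay fails or the header is not clean, which is the point where most hand-typed restores go wrong. Run it from an elevated Exchange Management Shell on the mailbox server, since eseutil and the recovery database both have to see the local paths.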

    Installing MS Forefront Security for Exchange Server

    image

      Microsoft Forefront Security for Exchange Server integrates multiple scan engines from industry-leading security firms into a comprehensive, layered solution, helping businesses protect their Microsoft Exchange Server messaging environments from viruses, worms, spam, and inappropriate content.

    • start forefrontexchangesetup.exe
    • Accept the License Agreement and click on [Next]

      image

    • You will be warned that the "Microsoft Exchange Transport" service will be restarted; if that is not acceptable right now, abort the setup, otherwise just click [Next]

      image

    • The next screen prompts you for the installation locations. If you want to change this do so, then click [Next]

      image

    • If you use a Proxy Server fill in the details, then click [Next]

      image

    • Enable the Antispam feature (if needed), then click [Next]

      image

    • The next screen is about joining the CEIP (Customer Experience Improvement Program), if you want to be part of it, check the checkbox. Click [Next]

      image 

    • Verify your information, and then click [Next] to begin installation

      image

    • After the installation, click [Finish]

      image

    • Your start menu should now contain the “Forefront Protection for Exchange Server Console”. Fire it up.

      image

    • Activate your license, or continue with the evaluation (only valid for 119 days).

      image

    • If you have an Activation Key, you will be prompted to supply your License Agreement Number. Click on the link provided in the dialog screen.

      image 

    Error on moving mailbox to Exchange 2010

    After trying to move a mailbox from Exchange 2003 to Exchange 2010, I received the following error:

    Error:
    Active Directory operation failed on *DomainController*. This error is not retriable. Additional information: Insufficient access rights to perform the operation.
    Active directory response: 00002098: SecErr: DSID-03150E8A, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

    The user has insufficient access rights.

    Exchange Management Shell command attempted:
    '*OUStructure*' | New-MoveRequest -TargetDatabase 'Mailbox Database 1985885663' -BadItemLimit '-1'

    The cause is that the Exchange security groups get their rights on user objects through permissions inherited from the domain; when inheritance is switched off on the user, the move request cannot update the user's Active Directory attributes. It can be resolved by editing the Advanced Security Settings for the user.

    • Open Active Directory Users and Computers
    • Find the user of which the mailbox move caused the error
    • Open up the properties of this user and go to the security tab (if this is not available, choose view and then advanced features in the AD users and computers MMC)
    • Click on [Advanced]
    • Tick the checkbox "Include inheritable permissions from this object's parent" and then click [OK] twice. If the checkbox clears itself again later, the user is a member of a protected group (adminCount=1) and the AdminSDHolder process strips inheritance every 60 minutes; take the user out of the protected group first, or the fix will not stick.

    image
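The same check and fix done in PowerShell, so it can be run for every user in a migration batch instead of clicking through ADUC per user. This is an added example, not from the post; it assumes the ActiveDirectory module (RSAT) is available and uses jdoe as a placeholder account. Beyond the post it also flags the adminCount=1 case in which the GUI fix is undone again by AdminSDHolder.

```powershell
# Added example, not the post's own code. Requires the ActiveDirectory module;
# "jdoe" is a placeholder sAMAccountName.
Import-Module ActiveDirectory

function Get-InheritanceState {
    param([string]$SamAccountName)
    $u = Get-ADUser -Identity $SamAccountName -Properties nTSecurityDescriptor, adminCount
    [pscustomobject]@{
        User                = $u.SamAccountName
        DistinguishedName   = $u.DistinguishedName
        InheritanceDisabled = $u.nTSecurityDescriptor.AreAccessRulesProtected
        AdminCount          = $u.adminCount     # 1 = protected by AdminSDHolder
    }
}

function Enable-Inheritance {
    param([string]$DistinguishedName)
    $acl = Get-Acl -Path "AD:\$DistinguishedName"
    # Same as ticking "Include inheritable permissions from this object's parent":
    # first argument $false = no longer protected, second $true = keep explicit ACEs.
    $acl.SetAccessRuleProtection($false, $true)
    Set-Acl -Path "AD:\$DistinguishedName" -AclObject $acl
}

$state = Get-InheritanceState -SamAccountName "jdoe"
$state

if ($state.InheritanceDisabled) {
    Enable-Inheritance -DistinguishedName $state.DistinguishedName
}
if ($state.AdminCount -eq 1) {
    Write-Warning ("{0} has adminCount=1: SDProp will disable inheritance again " +
                   "within the hour. Remove the user from protected groups " +
                   "(Domain Admins, Account Operators, ...) before moving the mailbox.") -f $state.User
}

# Find every other user that will fail the same way before the next batch of move requests.
Get-ADUser -LDAPFilter "(adminCount=1)" -Properties nTSecurityDescriptor |
    Where-Object { $_.nTSecurityDescriptor.AreAccessRulesProtected } |
    Select-Object SamAccountName, DistinguishedName
```

Re-enabling inheritance restores the rights Exchange's groups hold on the OU, so the New-MoveRequest from the error message can simply be run again afterwards; for a protected account the durable fix is group membership, not the ACL.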